[Dovecot] don't follow symlinks when creating mailbox list
dan at danny.cz
Wed Jun 18 16:01:31 EEST 2008
Timo Sirainen wrote on Wed 18. 06. 2008 at 12:38 +0300:
> On Wed, 2008-06-18 at 09:35 +0200, Dan Horák wrote:
> > this issue was discussed here twice in the not so far history
> > (http://www.dovecot.org/list/dovecot/2008-January/028317.html,
> > http://www.dovecot.org/list/dovecot/2008-February/029147.html), but I
> > need to open it again as it makes problems for our users on one side and
> > on the other side we don't want to diverge from the upstream sources in
> > our packages. I agree with Timo that simply disabling the symlink
> > following in creating the mailbox list can give a false sense of
> > security so the question is whether a permanent solution can be
> > developed and what it should look like?
> Permanent solution would be to put your mailboxes in a separate
> directory where users preferably don't even have write access, so they
> can't create broken symlinks.
Yes, that's true :-)
> Other than that, I see only kludgy solutions.
> Although I suppose I could consider including a check that keeps track
> of which directories are scanned and stops if it encounters a loop. Is
> your problem with loops or just that symlinks point to huge directory
> structures outside home dir?
The main problem is loops that are taking the imap process into an endless
search. The February thread contains your workaround (patch) that blocks
all symlinks which means even the harmless ones.
Fedora and Red Hat package maintainer
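
The check Timo describes above (keep track of which directories are scanned and stop on a loop) could look like the following. This is an added example, not part of the original message and not Dovecot code; `scan_dir`, `struct dir_id` and `MAX_DEPTH` are hypothetical names, and the depth cap of 64 is an assumption.

```c
#define _XOPEN_SOURCE 700   /* added example, not Dovecot code */
#include <dirent.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#define MAX_DEPTH 64        /* assumed nesting cap; also bounds the stack */
struct dir_id { dev_t dev; ino_t ino; };
/* Scan `path` recursively, following symlinks. stack[0..depth-1] identifies
 * every directory on the current descent path; reaching one of them again
 * means a symlink loop. Returns directories entered; *loops counts loops. */
int scan_dir(const char *path, struct dir_id *stack, int depth, int *loops)
{
    struct stat st;
    if (stat(path, &st) < 0 || !S_ISDIR(st.st_mode))
        return 0;                       /* dangling link or not a directory */
    for (int i = 0; i < depth; i++) {
        if (stack[i].dev == st.st_dev && stack[i].ino == st.st_ino) {
            *loops += 1;                /* an ancestor again: do not descend */
            return 0;
        }
    }
    DIR *d = depth < MAX_DEPTH ? opendir(path) : NULL;
    if (d == NULL)
        return 0;
    stack[depth] = (struct dir_id){ st.st_dev, st.st_ino };
    int entered = 1;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        char child[PATH_MAX];
        if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0)
            continue;
        if (snprintf(child, sizeof(child), "%s/%s", path, e->d_name) < (int)sizeof(child))
            entered += scan_dir(child, stack, depth + 1, loops);
    }
    closedir(d);
    return entered;
}

int main(int argc, char **argv)
{
    struct dir_id stack[MAX_DEPTH];
    int loops = 0;
    int n = scan_dir(argc > 1 ? argv[1] : ".", stack, 0, &loops);
    printf("%d directories scanned, %d symlink loops skipped\n", n, loops);
    return 0;
}
```

Only directories on the current descent path are compared, so symlinks that do not point back at an ancestor are still followed. A symlink to a large tree outside the home directory is therefore still scanned in full.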